CVE-2019-5668: Null Pointer Dereference
First published: Fri Feb 22 2019(Updated: )
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiSubmitCommandVirtual in which the application dereferences a pointer that it expects to be valid, but is NULL, which may lead to denial of service or escalation of privileges.
Credit: psirt@nvidia.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Nvidia Gpu Driver | ||
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID and title of this vulnerability?
The vulnerability ID is CVE-2019-5668 and the title is NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer.
What does the vulnerability affect?
The vulnerability affects the NVIDIA Windows GPU Display Driver.
What is the severity of CVE-2019-5668?
The severity of CVE-2019-5668 is high with a score of 7.8.
How can this vulnerability be exploited?
This vulnerability can be exploited by dereferencing a NULL pointer in the kernel mode layer handler for DxgkDdiSubmitCommandVirtual.
What are the possible consequences of this vulnerability?
The possible consequences of this vulnerability include denial of service or escalation of privileges.
- collector/nvd-index
- agent/weakness
- agent/type
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/tags
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/nvidia
- canonical/nvidia gpu driver
- vendor/microsoft
- canonical/microsoft windows